Field of the Invention
The present invention generally relates to a large-scale simultaneous digital signature service system based on a hash function and a method thereof that may stably perform large-scale simultaneous digital signature for large-scale digital data using multiple servers in a digital signature service based on a hash function.
Description of the Related Art
Generally, an electronic document, such as a Hangul document, a Word document, a PDF document, or the like, is a document that is written using a computer and is made up of digital information. Unlike conventional documents made of paper, electronic documents may be transmitted in a short time over a data communication network, the Internet, or the like. Accordingly, with the development in communications technology using computers, the use of electronic documents is rapidly increasing.
However, because the electronic document is transmitted in the form of digital signals over a communication network, the security thereof may be weak. Therefore, as one method for improving the reliability of electronic documents, a digital signature may be attached to the document.
Such a digital signature means a seal, a signature, or a cryptographic signature, which is made up of digital information for verifying the identity of the sender of the electronic document, digital data, or digital message. This may be used to guarantee that the content of the delivered electronic document or digital data has not changed. Therefore, a user attaches a digital signature made up of digital information to an electronic document or digital data rather than directly placing a seal or writing a signature on the document.
Meanwhile, the digital signature may be used for certification of an electronic document or digital data in electronic transactions in which online contracts, electronic seals, etc. are required. Also, recently, the digital signature is actively used as a means for guaranteeing the reliability of electronic transactions, as it is legally recognized.
Also, digital signatures are made by signatories on electronic documents or in services such as electronic contracts over the web, electronic subscriptions, and the like. In this case, authentication certificates for certifying the digital signature may be used. The authentication certificate is a certificate that is issued by an institution authorized by a country, and confirms the identity of the signatory or verifies the digital signature of the signatory.
Additional advantages acquired from the use of digital signatures are that the digital signature may be easily transmitted, cannot be repudiated, cannot be copied by others, and automatically maintains a time stamp. Because the digital signature may be used for any electronic document or digital data, regardless of whether it is encrypted or not, the recipient is guaranteed that the electronic document or the digital data has arrived without falsification and may verify the identity of the sender.
Meanwhile, in a conventional digital signature method, a user stores a digital signature in a predetermined computer in advance and attaches the stored digital signature to an electronic document when needed. In this case, the seal or signature of the user, which was converted into digital information through a scanning process, may be used as the digital signature.
However, in the case of the conventional digital signature method, because it is necessary to scan the seal or signature of a user in order to store it in a computer, the process for registering the digital signature is complicated, and because the digital signature is provided through a specific type of network, not all users are allowed to register digital signature. Also, because the recipient of the electronic document cannot verify the authenticity of the signature attached to the document, there is a disadvantage in that the document has low reliability.
Furthermore, these days, as computer crime techniques become more sophisticated, if electronic documents and/or digital signatures are falsified or forged during the process of transmitting the electronic documents, this cannot be detected. Accordingly, the digital signature may not achieve its original object.
In order to solve the above problem, a digital signature method using a public key-based system, which is designed based on public key encryption, has been used recently. Currently, with the development in information and communication technology and the proliferation of high-speed Internet access, demand for information security is increasing in various fields of society. Therefore, domestic and foreign governments and companies are promoting the distribution of documents that are digitally signed using passwords and digital signatures that use a public key-based system.
This digital signature method using the public key-based system electronically writes a certain document, and creates a hashed message from the document using specific software. Then, the hash is encrypted using a private key, which has been received in advance from a public-private key generation center. Here, the encrypted hash becomes the digital signature for the message.
However, the conventional digital signature method using the public key-based system requires a large amount of arithmetic computational resources in order to support digital signatures based on public keys. Therefore, it is unsuitable for simultaneously generating digital signatures for a large amount of data in an Internet of Things (IoT) environment.
Meanwhile, a digital signature system based on a hash function is technology capable of generating a digital signature for each object in an IoT environment. According to this system, rather than performing the digital signature using the limited arithmetic computational resources of the object, data required for generating a signature are centralized in a server, specialized for performing digital signatures, to be processed all together.
In this case, because the reliability of the digital signature is based on the reliability of an authentication value, a plurality of digital signature systems generate identical authentication values by interworking with each other, so as to raise the reliability of the authentication value and signatures.
Also, the way that identical authentication values are generated in order to improve the efficiency and reliability of digital signatures pertains to a more effective and secure way for distributed processing of a hash tree. To achieve this object, in the conventional art, a large-scale hash tree is represented as a hierarchical structure comprising hash subtrees, and an individual server is allocated for processing each of the hash subtrees. This conventional method is a method that is optimized in terms of arithmetic efficiency.
However, in the case of the conventional hierarchical distributed processing method, when a server that serves to compute a hash subtree at a high level fails, this causes failure of the systems connected to the server that compute hash subtrees at lower levels.